Privacy Policy 100% Private

Last Updated: November 23, 2024

TL;DR: This extension does not collect, store, transmit, or share any of your personal data. Everything works 100% locally on your device. We have no servers, no analytics, and no tracking.

1. Introduction

TOTP Authenticator ("we", "our", or "the extension") is a privacy-focused Time-based One-Time Password (TOTP) authentication application. This Privacy Policy explains our commitment to protecting your privacy and describes how we handle (or more accurately, don't handle) your data.

2. Data Collection

2.1 What We Don't Collect

We do NOT collect any data whatsoever, including but not limited to:

2.2 What We Store Locally

The following data is stored ONLY on your local device using Chrome's local storage (chrome.storage.local):

Important: This data never leaves your device. It is not synchronized, uploaded, or transmitted to any server.

3. How Your Data is Protected

3.1 Local-Only Storage

All your data is stored exclusively in Chrome's local storage on your device. This storage is:

3.2 Optional Encryption

You can optionally enable PIN protection, which encrypts your TOTP secret keys using:

3.3 No Network Access

This extension does not request any network permissions and cannot:

4. Permissions Explanation

The extension requests the following Chrome permissions:

4.1 Required Permissions

4.2 Optional Permissions

4.3 Permissions We Do NOT Request

We deliberately do not request permissions for:

5. Third-Party Services

We do not use any third-party services. There are no:

6. QR Code Recognition

When you upload or paste a QR code image to add a new account:

7. Import/Export Functionality

The extension allows you to export and import your accounts:

Security Note: If you share an unencrypted export file, the recipient will have access to your TOTP secret keys. Always use password encryption when exporting sensitive data.

8. Open Source

This extension is open source, which means:

Source code repository: [Will be available on GitHub]

9. Data Retention and Deletion

9.1 How Long We Keep Your Data

Since all data is stored locally on your device, you have complete control over data retention:

9.2 How to Delete Your Data

You can delete your data at any time by:

10. Children's Privacy

This extension does not collect any data from anyone, including children under 13. Since we don't collect any personal information, we are compliant with the Children's Online Privacy Protection Act (COPPA).

11. International Users

This extension works entirely offline and locally. Your data never leaves your device, regardless of your geographic location. We do not transfer data across borders because we don't transfer data at all.

12. Changes to This Privacy Policy

If we make any changes to this Privacy Policy, we will:

We will never change this policy to allow data collection without your explicit consent.

13. Your Rights

Since we don't collect your data, traditional data privacy rights (access, rectification, deletion, portability) are inherently protected:

14. Security Measures

We implement industry-standard security practices:

15. Compliance

This extension is designed to be compliant with:

Note: Compliance is simplified by the fact that we don't collect any data.

16. Cookies and Tracking Technologies

This extension does not use:

17. Contact Information

If you have questions about this Privacy Policy, please contact us:

Website: https://v2cross.com

GitHub Issues: [Repository URL will be added]

Email: [Your contact email]

18. Transparency Commitment

We believe in complete transparency:

19. Summary

In Plain English:

TOTP Authenticator is completely private. It works 100% locally on your device, never connects to the internet, and doesn't collect any data about you. Your TOTP codes and account information stay on your device and are under your complete control. We can't see your data, we don't want your data, and our extension is designed from the ground up to protect your privacy.


© 2024 TOTP Authenticator. Licensed under MIT License.
Built with privacy in mind. No data collection, ever.